Using Masscanned
================

Dedicated addresses
~~~~~~~~~~~~~~~~~~~

Masscanned is designed to handle its own IP addresses, which means
that the host should not have those addresses configured, and
Masscanned will answer ``ARP`` requests (or ``ICMPv6`` ``ND`` neighbor
solicitations).

The host may have one or more (``IPv4`` and/or ``IPv6``) addresses
configured on an interface also used by masscanned, but those
addresses must be different from those configured to be used by
masscanned.

In that situation (dedicated addresses), just run:

::

    # masscanned -i <iface> -f <file>

where ``<file>`` is the path of a text file with one address
(``IPv4`` or ``IPv6``) per line.

Addresses shared with the host
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sometimes it is desirable to have an IP address used by the host
(*e.g.*, for administration tasks) and by masscanned (to handle all
other incoming packets).

Since this is not implemented in masscanned, a tiny hack is needed: we
are going to run it on a ``veth`` interface.

For this example, we suppose:

- The interface is ``eth0``, the address is ``192.168.0.10``.
- We want masscanned to handle all the traffic except for incoming SSH
  connections on port TCP/22.

We create a ``veth`` pair of interfaces, on which we are going to use
the 0.255.0.0/31 network (which should not be a problem since
0.0.0.0/8 is reserved as "Current Network"):

::

    # ip link add to_masscanned type veth peer masscanned
    # ip link set masscanned up
    # ip link set to_masscanned up
    # ip addr add 0.255.0.0/31 dev to_masscanned
    # masscanned -i masscanned

Masscanned can now be used, but only from the host where it runs:

::

    # ping -c 1 0.255.0.1
    PING 0.255.0.1 (0.255.0.1) 56(84) octets de données.
    64 octets de 0.255.0.1 : icmp_seq=1 ttl=64 temps=0.442 ms

    --- statistiques ping 0.255.0.1 ---
    1 paquets transmis, 1 reçus, 0% packet loss, time 0ms
    rtt min/avg/max/mdev = 0.442/0.442/0.442/0.000 ms

Now, we are going to use Netfilter / ``iptables`` to redirect incoming
traffic to masscanned. Rule order matters: the ``ACCEPT`` rule for
TCP/22 must come before the ``DNAT`` rule, so that SSH traffic stays
on the host and everything else is redirected:

::

    # sysctl -w net.ipv4.ip_forward=1
    # iptables -t nat -A PREROUTING -i eth0 -d 192.168.0.10 -p tcp --dport 22 -j ACCEPT
    # iptables -t nat -A PREROUTING -i eth0 -d 192.168.0.10/32 -j DNAT --to-destination 0.255.0.1

And, from another host on the 192.168.0.0/24 network:

::

    # ping -c 1 192.168.0.10
    PING 192.168.0.10 (192.168.0.10) 56(84) octets de données.
    64 octets de 192.168.0.10 : icmp_seq=1 ttl=63 temps=0.366 ms

    --- statistiques ping 192.168.0.10 ---
    1 paquets transmis, 1 reçus, 0% packet loss, time 0ms
    rtt min/avg/max/mdev = 0.366/0.366/0.366/0.000 ms

The masscanned output:

::

    WARN - ARP-Reply to ea:c0:d6:20:0c:6a for IP 0.255.0.1
    WARN - ICMP-Echo-Reply to ICMP-Echo-Request
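
The shared-address setup above, as an added example that is not part of the masscanned project: it generalizes the procedure to several host-reserved TCP ports and adds the matching teardown. The function names and the ``APPLY`` and ``HOST_TCP_PORTS`` variables are assumptions; interface names and addresses are the ones used on this page.

```sh
#!/bin/sh
# Added example, not masscanned project code. Function names, APPLY and
# HOST_TCP_PORTS are assumptions; addresses and interfaces are the page's.
IFACE=${IFACE:-eth0}
ADDR=${ADDR:-192.168.0.10}
PEER_NET=0.255.0.0/31                  # host side of the veth pair
MASSCANNED_IP=0.255.0.1                # address masscanned answers on
HOST_TCP_PORTS=${HOST_TCP_PORTS:-22}   # space-separated ports kept by the host

# Print the NAT rules with action $1 (-A to add, -D to delete).
# The nat PREROUTING chain stops at the first matching rule, so every
# ACCEPT exemption must precede the catch-all DNAT; otherwise the host's
# own services (SSH here) would be handed to masscanned as well.
nat_rules() {
    for port in $HOST_TCP_PORTS; do
        echo "iptables -t nat $1 PREROUTING -i $IFACE -d $ADDR -p tcp --dport $port -j ACCEPT"
    done
    echo "iptables -t nat $1 PREROUTING -i $IFACE -d $ADDR/32 -j DNAT --to-destination $MASSCANNED_IP"
}

gen_setup() {
    echo "ip link add to_masscanned type veth peer masscanned"
    echo "ip link set masscanned up"
    echo "ip link set to_masscanned up"
    echo "ip addr add $PEER_NET dev to_masscanned"
    echo "sysctl -w net.ipv4.ip_forward=1"
    nat_rules -A
}

gen_teardown() {
    nat_rules -D
    echo "ip link del to_masscanned"   # deleting one end removes the pair
}

# Dry run by default: print each command. APPLY=1 (as root) executes them.
run() {
    "$1" | while read -r cmd; do
        if [ "${APPLY:-0}" = 1 ]; then $cmd; else echo "$cmd"; fi
    done
}

case "${1:-}" in
    setup)    run gen_setup ;;
    teardown) run gen_teardown ;;
esac
```

Review the dry-run output of ``setup`` before running it with ``APPLY=1``; masscanned itself is still started separately with ``masscanned -i masscanned``.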